ISO/IEC 18028-1:2006

Information technology -- Security techniques -- IT network security -- Part 1: Network security management

ISO/IEC 18028-1:2006 provides detailed guidance on the security aspects of the management, operation and use of information technology (IT) networks, and their interconnections.

It defines and describes the concepts associated with, and provides management guidance on, network security - including on how to identify and analyse the communications-related factors to be taken into account to establish network security requirements, with an introduction to the possible control areas and the specific technical areas (dealt with in subsequent parts of ISO/IEC 18028). It is relevant to anyone who owns, operates or uses a network. This includes senior managers and other non-technical managers or users, in addition to managers and administrators who have specific responsibilities for information security and/or network security, network operation, or who are responsible for an organization's overall security programme and security policy development.

The general objective of ISO/IEC 18028 is to extend the security management guidelines provided in ISO/IEC TR 13335 and ISO/IEC 17799 by detailing the specific operations and mechanisms needed to implement network security controls in a wider range of network environments, providing a bridge between general IT security management issues and network security technical implementations.


General information

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information

 Subscribe